var express = require('express');
var router = express.Router();
var md5 = require('md5');
var fs = require('fs');
var conn = require('../conn');


router.get('/login', function(req, res, next) {
	
	res.render('login');
});
router.post('/dologin',function(req,res,next){
	req.body.password= md5(req.body.password);
	var sql = 'select * from users where username = "'+req.body.username+'" and password ="'+req.body.password+'"'
	conn.query(sql, function(err, rows, fields) {
			if (rows.length == 0) {
				res.send('别傻了！你怎么可能知道我的密码？！ 呵呵')
			}else{
				// var cookie_id = Math.floor(100000000000000000*Math.random());
				// fs.writeFileSync(""+cookie_id,"ture");
				// res.cookie("cookie_id",cookie_id);
				req.session.username = rows[0].username
				req.session.password = true;
				res.send("OK")
			}	
	})
	// if (req.body.username=="admin" && req.body.password=="123") {
	// 	res.cookie('password','pass');
	// 	res.redirect('/admin')
	// }else{
	// 	
	// }
})
router.get('/signin', function(req, res, next) {
	
	res.render('signin');
});
router.post('/getlogin',function(req,res,next){
	if (req.body.password==req.body.repassword) {
		req.body.password= md5(req.body.password);
		var sql = 'insert into users values (null,"'+req.body.username+'","'+req.body.password+'")'
		console.log(sql)
		conn.query(sql, function(err, rows, fields) {
			res.redirect('/admin')
		})
	}else{
		res.send("重复密码错误")
	}
	
})

module.exports = router;
